Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Abcdef Hijklmnso Qrs] 'Start' = '00000002'
- '<SYSTEM32>\rundll32.exe' %TEMP%\\2283000.dll,Install
- '<SYSTEM32>\svchost.exe' -k "Abcdef Hijklmnso Qrs"
- %WINDIR%\5136789.dll
- %WINDIR%\4852302.dll
- %TEMP%\2283000.dll
- 'lo###l.gicp.net':881
- 'lo####.no-ip.org':881
- DNS ASK lo###l.gicp.net
- DNS ASK lo####.no-ip.org